eea0c9f0c9
Firewalld provides a dynamically managed firewall with support for network or firewall zones to define the trust level of network connections or interfaces. Items of note: - Setting PYTHON="/usr/bin/env python$(PYTHON3_VERSION_MAJOR)" prevents Firewalld from setting the shebang in the installed python files to the full path to the python interpreter used when building. - The bundled provided SYSV init file has several bashisms and requires /etc/init.d/functions which buildroot doesn't provide. So instead, a more simple init.d file is provided in the package directory, which does not require bash. - Firewalld >= 1.0.0 requires a linux kernel version of 5.3 or later. Because Buildroot does not have a mechanism to detect what version a user is compiling if the kernel is external, there is no way to prevent a user with an external kernel older than 5.3 to select this package. - To run, Firewalld requires enabling almost every single nftables option in the kernel menuconfig. Indeed for a regular user, this task is quite a time-consuming operation, and missing even one required nftables option results in firewalld failing to start. Through a mix of trial and error and talking to the upstream developers, the package selects the minimum amount of kernel options required for runtime. Understandably the list is daunting. However, these options have passed run-time tests with kernel 5.3 (the minimum kernel version required) and kernel 6.2.10 (the latest kernel version as of this commit log.) As such, it is safe to say these options will work for anybody wanting to use firewalld with a supported kernel version of 5.3 or higher. Signed-off-by: Adam Duskett <aduskett@gmail.com> [Thomas: - select python3 instead of depending on it - fixup Config.in comment - rely on NLS support by autotools-package] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> |
||
|---|---|---|
| arch | ||
| board | ||
| boot | ||
| configs | ||
| docs | ||
| fs | ||
| linux | ||
| package | ||
| support | ||
| system | ||
| toolchain | ||
| utils | ||
| .checkpackageignore | ||
| .clang-format | ||
| .defconfig | ||
| .flake8 | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .shellcheckrc | ||
| CHANGES | ||
| Config.in | ||
| Config.in.legacy | ||
| COPYING | ||
| DEVELOPERS | ||
| Makefile | ||
| Makefile.legacy | ||
| README | ||
Buildroot is a simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation. The documentation can be found in docs/manual. You can generate a text document with 'make manual-text' and read output/docs/manual/manual.text. Online documentation can be found at http://buildroot.org/docs.html To build and use the buildroot stuff, do the following: 1) run 'make menuconfig' 2) select the target architecture and the packages you wish to compile 3) run 'make' 4) wait while it compiles 5) find the kernel, bootloader, root filesystem, etc. in output/images You do not need to be root to build or run buildroot. Have fun! Buildroot comes with a basic configuration for a number of boards. Run 'make list-defconfigs' to view the list of provided configurations. Please feed suggestions, bug reports, insults, and bribes back to the buildroot mailing list: buildroot@buildroot.org You can also find us on #buildroot on OFTC IRC. If you would like to contribute patches, please read https://buildroot.org/manual.html#submitting-patches